$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft File: khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json) Hash identifier: A6PWdkZALEgt6WITASnHWa640V4WJiIxB0Z2rE4teac= Subject key identifier: 33:09:61:D8:76:ED:37:D5:6F:F9:1A:8E:EF:3B:76:9E:91:54:53:E1 Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 Certificate issuer: /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Certificate serial: 0431 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft Manifest number: 0427 Signing time: Sun 01 Mar 2026 01:12:12 +0000 Manifest this update: Sun 01 Mar 2026 01:12:11 +0000 Manifest next update: Sun 08 Mar 2026 01:12:11 +0000 Files and hashes: 1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: 1vJoou4RDHq2UXTVrqLJgEL/ODZ1BsV+STMj4AmKZ1k=) 2: EA8F3FAE6F8611F0BA25F244C4F9AE02.roa (hash: 1Pf8TzmStlNv8sOjb51A77gXMYXTgCciVVvajyk1hsg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 01:12:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1073 (0x431) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Validity Not Before: Mar 1 01:12:11 2026 GMT Not After : Mar 8 01:12:11 2026 GMT Subject: CN=69a3926c-05ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ba:10:01:1e:ad:d3:d9:5c:d3:11:d1:9b:f3: fb:e6:64:f4:cb:45:2e:2e:97:67:31:fe:89:28:f3: f2:51:28:2d:51:0b:76:0b:a1:37:10:3e:bd:ed:22: f3:a6:e3:c7:94:04:7a:38:2c:64:7e:80:ae:9e:a8: 06:93:a3:f3:31:a1:43:38:26:ac:00:97:bd:47:5d: 35:42:6d:73:2b:b1:96:72:d1:7f:94:3a:70:64:8a: 01:f3:45:2d:72:5e:19:04:c5:4d:d9:45:71:ca:cd: c0:c7:7b:37:b4:53:a2:08:10:9c:4e:0b:d7:55:1d: a1:f3:91:2a:33:9a:92:cb:94:a6:01:38:c0:49:96: 3d:a4:08:50:e0:bd:d1:55:8f:dd:20:a1:eb:50:75: ea:00:19:47:d0:e0:8c:22:be:19:97:ff:02:ec:0a: f4:07:00:01:51:55:f1:66:8f:39:cc:3b:3c:d8:75: 94:f9:a6:44:88:ae:40:ef:7a:23:51:9c:ee:c4:e0: 59:3c:cd:38:6f:67:0b:72:6a:67:22:8d:25:48:d9: 6b:f1:ce:a2:64:33:14:80:43:d0:e3:c6:3f:c2:6b: 8c:a7:c3:f3:c8:3c:d9:82:81:2c:78:c4:dc:3f:ff: 8d:06:7a:73:b4:ca:03:f5:dd:96:73:ab:bb:4c:91: 7e:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:09:61:D8:76:ED:37:D5:6F:F9:1A:8E:EF:3B:76:9E:91:54:53:E1 X509v3 Authority Key Identifier: keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:bc:3f:b8:e0:7b:31:0c:f9:5c:f0:35:46:99:94:88:bf:dd: 7c:77:e5:61:1b:9c:36:66:4e:c1:d7:8a:0a:31:1e:82:7c:f0: f7:71:1d:24:df:d5:2e:90:4c:81:96:01:09:66:26:c6:ad:19: 98:e5:93:dc:d2:af:f0:e1:71:a6:89:b7:79:db:31:3c:a0:d6: 97:89:64:78:5a:2a:e5:ba:da:a6:98:25:82:cf:5a:1d:1a:e1: 64:57:79:b2:7e:b3:93:f3:a6:62:cc:bc:0b:24:4f:15:b9:44: df:08:52:a5:78:03:da:8b:16:9e:71:47:e9:09:6d:90:b7:1b: bd:5d:2b:01:15:3b:d6:b2:f0:bb:80:76:99:cb:71:9e:94:e0: b4:04:55:f8:f0:1e:b5:1f:b6:e1:44:e3:38:d8:42:80:1d:6f: 7b:72:a5:bd:d0:ed:74:b2:e6:c5:e8:a8:30:c9:22:fb:f1:f9: 6d:00:14:d4:5b:f1:68:0d:30:b6:e8:db:5a:c8:45:f5:da:28: 68:f2:af:2c:97:79:39:48:48:e8:20:e1:60:d7:7d:5d:02:33: ba:0d:58:47:f5:c6:85:a3:fa:ee:45:23:f6:ce:04:0b:11:db: 39:a9:f6:dd:86:24:7a:69:ea:b6:b1:d4:7c:fe:77:56:45:69: 6c:38:9c:68 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgICBDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3 MjBDQjQ4OTAwHhcNMjYwMzAxMDExMjExWhcNMjYwMzA4MDExMjExWjAYMRYwFAYD VQQDDA02OWEzOTI2Yy0wNWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsroQAR6t09lc0xHRm/P75mT0y0UuLpdnMf6JKPPyUSgtUQt2C6E3ED697SLz puPHlAR6OCxkfoCunqgGk6PzMaFDOCasAJe9R101Qm1zK7GWctF/lDpwZIoB80Ut cl4ZBMVN2UVxys3Ax3s3tFOiCBCcTgvXVR2h85EqM5qSy5SmATjASZY9pAhQ4L3R VY/dIKHrUHXqABlH0OCMIr4Zl/8C7Ar0BwABUVXxZo85zDs82HWU+aZEiK5A73oj UZzuxOBZPM04b2cLcmpnIo0lSNlr8c6iZDMUgEPQ48Y/wmuMp8PzyDzZgoEseMTc P/+NBnpztMoD9d2Wc6u7TJF+lQIDAQABo4ICczCCAm8wHQYDVR0OBBYEFDMJYdh2 7TfVb/kaju87dp6RVFPhMB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGQBggrBgEFBQcBCwSBgzCBgDB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw SXVEV2FqeTZwQVp5RExTSkEubWZ0MBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC AQEAjrw/uOB7MQz5XPA1RpmUiL/dfHflYRucNmZOwdeKCjEegnzw93EdJN/VLpBM gZYBCWYmxq0ZmOWT3NKv8OFxpom3edsxPKDWl4lkeFoq5brappglgs9aHRrhZFd5 sn6zk/OmYsy8CyRPFblE3whSpXgD2osWnnFH6QltkLcbvV0rARU71rLwu4B2mctx npTgtARV+PAetR+24UTjONhCgB1ve3KlvdDtdLLmxeioMMki+/H5bQAU1FvxaA0w tujbWshF9dooaPKvLJd5OUhI6CDhYNd9XQIzug1YR/XGhaP67kUj9s4ECxHbOan2 3YYkemnqtrHUfP53VkVpbDicaA== -----END CERTIFICATE-----Generated at Sun Mar 1 20:31:22 2026 by rpki-client